TPI-Abuse
2024-11-06 18:49:51
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 13:49:46.608271 2024] [security2:error] [pid 15884:tid 15884] [client 146.190.55.231:44064] [client 146.190.55.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.57"] [uri "/.env"] [unique_id "Zyu6SlF9sUsp5YiNL7rmMwAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
whitehoodie
2024-11-06 18:30:24
(2 months ago)
AUTOMATED REPORT: Tried to access .env file
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-06 18:29:09
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 13:29:03.672896 2024] [security2:error] [pid 20943:tid 20943] [client 146.190.55.231:36924] [client 146.190.55.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.41"] [uri "/.env"] [unique_id "Zyu1b-imsF7qc3Ir_3j2VAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
KPS
2024-11-06 18:20:10
(2 months ago)
PortscanM
Port Scan
penjaga BRIN
2024-11-06 18:15:07
(2 months ago)
nginx-alfa-240
Web App Attack
Study Bitcoin 🤗
2024-11-06 18:08:19
(2 months ago)
Port probe to tcp/443 (https)
[srv128]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
MPL
2024-11-06 17:58:59
(2 months ago)
tcp/443 (4 or more attempts)
Port Scan
MPL
2024-11-06 17:58:59
(2 months ago)
tcp/443 (2 or more attempts)
Port Scan
TPI-Abuse
2024-11-06 17:55:53
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 12:55:50.114741 2024] [security2:error] [pid 28295:tid 28295] [client 146.190.55.231:55884] [client 146.190.55.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.113"] [uri "/.env"] [unique_id "ZyutpoOZKKWNwYUXPtcFWgAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-06 17:51:02
(2 months ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.0
Hacking
Web App Attack
TPI-Abuse
2024-11-06 17:38:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 12:37:52.455860 2024] [security2:error] [pid 4364:tid 4437] [client 146.190.55.231:53854] [client 146.190.55.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.128"] [uri "/.env"] [unique_id "ZyupcC0leXgP_G0IbKD7AAAAAc8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-06 17:21:03
(2 months ago)
2024/11/06 18:21:02 [error] 4037#4037: *3727557 access forbidden by rule, client: 146.190.55.231, se ... show more 2024/11/06 18:21:02 [error] 4037#4037: *3727557 access forbidden by rule, client: 146.190.55.231, server: aide.bobelweb.eu, request: "GET /.env HTTP/1.1", host: "163.172.78.48" show less
Brute-Force
Web App Attack
TPI-Abuse
2024-11-06 17:15:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 146.190.55.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 12:15:16.924271 2024] [security2:error] [pid 1303182:tid 1303182] [client 146.190.55.231:58644] [client 146.190.55.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.99"] [uri "/.env"] [unique_id "ZyukJIBJWUO1H2gJx9zBuQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
mescribano
2024-11-06 17:10:02
(2 months ago)
Bad Web Bot
Web App Attack
barbarella
2024-11-06 17:09:34
(2 months ago)
Configuration snooping in .env file (GET /.env)
Hacking
Web App Attack